rhsa-2025:3867
Vulnerability from csaf_redhat
Published
2025-04-14 16:34
Modified
2025-04-17 22:44
Summary
Red Hat Security Advisory: Network Observability 1.8.1 for OpenShift
Notes
Topic
Network Observability 1.8 for Red Hat OpenShift.
Details
Network flows collector and monitoring solution.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Network Observability 1.8 for Red Hat OpenShift.",
"title": "Topic"
},
{
"category": "general",
"text": "Network flows collector and monitoring solution.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:3867",
"url": "https://access.redhat.com/errata/RHSA-2025:3867"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2024-56171",
"url": "https://access.redhat.com/security/cve/CVE-2024-56171"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-24928",
"url": "https://access.redhat.com/security/cve/CVE-2025-24928"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "external",
"summary": "https://docs.openshift.com/container-platform/latest/observability/network_observability/network-observability-operator-release-notes.html",
"url": "https://docs.openshift.com/container-platform/latest/observability/network_observability/network-observability-operator-release-notes.html"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_3867.json"
}
],
"title": "Red Hat Security Advisory: Network Observability 1.8.1 for OpenShift",
"tracking": {
"current_release_date": "2025-04-17T22:44:15+00:00",
"generator": {
"date": "2025-04-17T22:44:15+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.4.2"
}
},
"id": "RHSA-2025:3867",
"initial_release_date": "2025-04-14T16:34:44+00:00",
"revision_history": [
{
"date": "2025-04-14T16:34:44+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-04-14T16:34:44+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-04-17T22:44:15+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Openshift Network Observability 1.8.1",
"product": {
"name": "Red Hat Openshift Network Observability 1.8.1",
"product_id": "Red Hat Openshift Network Observability 1.8.1",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:network_observ_optr:1.8::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat Openshift Network Observability"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:6b212006d1c4c91cb4532c22162fe719f8510fce9d2e34bf504ea4d9f8338346_amd64",
"product": {
"name": "registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:6b212006d1c4c91cb4532c22162fe719f8510fce9d2e34bf504ea4d9f8338346_amd64",
"product_id": "registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:6b212006d1c4c91cb4532c22162fe719f8510fce9d2e34bf504ea4d9f8338346_amd64",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-flowlogs-pipeline-rhel9@sha256%3A6b212006d1c4c91cb4532c22162fe719f8510fce9d2e34bf504ea4d9f8338346?arch=amd64\u0026repository_url=registry.redhat.io/network-observability\u0026tag=1.8-1744114039"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:c918c9adc2cf2d13c8080e5435e8dc1d1766c0b28c8f13e755f39e0a1b6b0fb2_amd64",
"product": {
"name": "registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:c918c9adc2cf2d13c8080e5435e8dc1d1766c0b28c8f13e755f39e0a1b6b0fb2_amd64",
"product_id": "registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:c918c9adc2cf2d13c8080e5435e8dc1d1766c0b28c8f13e755f39e0a1b6b0fb2_amd64",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-ebpf-agent-rhel9@sha256%3Ac918c9adc2cf2d13c8080e5435e8dc1d1766c0b28c8f13e755f39e0a1b6b0fb2?arch=amd64\u0026repository_url=registry.redhat.io/network-observability\u0026tag=1.8-1744113155"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:df5f85190d07444a9162e1040e05c2c29db5a539cbde3039118eec23cc43bee4_amd64",
"product": {
"name": "registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:df5f85190d07444a9162e1040e05c2c29db5a539cbde3039118eec23cc43bee4_amd64",
"product_id": "registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:df5f85190d07444a9162e1040e05c2c29db5a539cbde3039118eec23cc43bee4_amd64",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-cli-rhel9@sha256%3Adf5f85190d07444a9162e1040e05c2c29db5a539cbde3039118eec23cc43bee4?arch=amd64\u0026repository_url=registry.redhat.io/network-observability\u0026tag=1.8-1744107477"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:96fe24f6cc99779a2cc38a11ff61983910fa776d536e2478852aa4d25a2267a1_amd64",
"product": {
"name": "registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:96fe24f6cc99779a2cc38a11ff61983910fa776d536e2478852aa4d25a2267a1_amd64",
"product_id": "registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:96fe24f6cc99779a2cc38a11ff61983910fa776d536e2478852aa4d25a2267a1_amd64",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-console-plugin-rhel9@sha256%3A96fe24f6cc99779a2cc38a11ff61983910fa776d536e2478852aa4d25a2267a1?arch=amd64\u0026repository_url=registry.redhat.io/network-observability\u0026tag=1.8-1744112527"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/network-observability/network-observability-operator-bundle@sha256:abf372f07ca49997f9298c73820542f001327680452f87f7d594e532f794dd23_amd64",
"product": {
"name": "registry.redhat.io/network-observability/network-observability-operator-bundle@sha256:abf372f07ca49997f9298c73820542f001327680452f87f7d594e532f794dd23_amd64",
"product_id": "registry.redhat.io/network-observability/network-observability-operator-bundle@sha256:abf372f07ca49997f9298c73820542f001327680452f87f7d594e532f794dd23_amd64",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-operator-bundle@sha256%3Aabf372f07ca49997f9298c73820542f001327680452f87f7d594e532f794dd23?arch=amd64\u0026repository_url=registry.redhat.io/network-observability\u0026tag=1.8-1744132772"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:931c4ea56af3ced616830034f84b5b3a37bb6051d853605ba501db8cfe4887b3_amd64",
"product": {
"name": "registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:931c4ea56af3ced616830034f84b5b3a37bb6051d853605ba501db8cfe4887b3_amd64",
"product_id": "registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:931c4ea56af3ced616830034f84b5b3a37bb6051d853605ba501db8cfe4887b3_amd64",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-rhel9-operator@sha256%3A931c4ea56af3ced616830034f84b5b3a37bb6051d853605ba501db8cfe4887b3?arch=amd64\u0026repository_url=registry.redhat.io/network-observability\u0026tag=1.8-1744112501"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:21df605ab38417d4600ddec6c5c57c55c38a20471ca6573fe96adcdd731ad4ec_arm64",
"product": {
"name": "registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:21df605ab38417d4600ddec6c5c57c55c38a20471ca6573fe96adcdd731ad4ec_arm64",
"product_id": "registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:21df605ab38417d4600ddec6c5c57c55c38a20471ca6573fe96adcdd731ad4ec_arm64",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-flowlogs-pipeline-rhel9@sha256%3A21df605ab38417d4600ddec6c5c57c55c38a20471ca6573fe96adcdd731ad4ec?arch=arm64\u0026repository_url=registry.redhat.io/network-observability\u0026tag=1.8-1744114039"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:2f50d0688ceb8e770396620fa683d69a372ce694ce76be051f11d1a1ade35cc6_arm64",
"product": {
"name": "registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:2f50d0688ceb8e770396620fa683d69a372ce694ce76be051f11d1a1ade35cc6_arm64",
"product_id": "registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:2f50d0688ceb8e770396620fa683d69a372ce694ce76be051f11d1a1ade35cc6_arm64",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-ebpf-agent-rhel9@sha256%3A2f50d0688ceb8e770396620fa683d69a372ce694ce76be051f11d1a1ade35cc6?arch=arm64\u0026repository_url=registry.redhat.io/network-observability\u0026tag=1.8-1744113155"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:6fae298c2ba0d2535c1dc72d8f57d1f298701245d7275022f638a4191a6c3192_arm64",
"product": {
"name": "registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:6fae298c2ba0d2535c1dc72d8f57d1f298701245d7275022f638a4191a6c3192_arm64",
"product_id": "registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:6fae298c2ba0d2535c1dc72d8f57d1f298701245d7275022f638a4191a6c3192_arm64",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-cli-rhel9@sha256%3A6fae298c2ba0d2535c1dc72d8f57d1f298701245d7275022f638a4191a6c3192?arch=arm64\u0026repository_url=registry.redhat.io/network-observability\u0026tag=1.8-1744107477"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:92a89451c9c7f6a2ba480924edb3fd67f744288102c052e259f675a7f94b8e71_arm64",
"product": {
"name": "registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:92a89451c9c7f6a2ba480924edb3fd67f744288102c052e259f675a7f94b8e71_arm64",
"product_id": "registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:92a89451c9c7f6a2ba480924edb3fd67f744288102c052e259f675a7f94b8e71_arm64",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-console-plugin-rhel9@sha256%3A92a89451c9c7f6a2ba480924edb3fd67f744288102c052e259f675a7f94b8e71?arch=arm64\u0026repository_url=registry.redhat.io/network-observability\u0026tag=1.8-1744112527"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:79f0da62e69353353c60a615a21243a5ad02b1247062886f66b05b8f8b3c7b4a_arm64",
"product": {
"name": "registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:79f0da62e69353353c60a615a21243a5ad02b1247062886f66b05b8f8b3c7b4a_arm64",
"product_id": "registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:79f0da62e69353353c60a615a21243a5ad02b1247062886f66b05b8f8b3c7b4a_arm64",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-rhel9-operator@sha256%3A79f0da62e69353353c60a615a21243a5ad02b1247062886f66b05b8f8b3c7b4a?arch=arm64\u0026repository_url=registry.redhat.io/network-observability\u0026tag=1.8-1744112501"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:d7c2f0bfade7552f8f9842f82b36c22a860e3c90e1cf633962c5295fb6bba806_ppc64le",
"product": {
"name": "registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:d7c2f0bfade7552f8f9842f82b36c22a860e3c90e1cf633962c5295fb6bba806_ppc64le",
"product_id": "registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:d7c2f0bfade7552f8f9842f82b36c22a860e3c90e1cf633962c5295fb6bba806_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-flowlogs-pipeline-rhel9@sha256%3Ad7c2f0bfade7552f8f9842f82b36c22a860e3c90e1cf633962c5295fb6bba806?arch=ppc64le\u0026repository_url=registry.redhat.io/network-observability\u0026tag=1.8-1744114039"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:5bc92950609e6c252d9a027f347ef33ad11599dd27baf703228890f5e85b083d_ppc64le",
"product": {
"name": "registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:5bc92950609e6c252d9a027f347ef33ad11599dd27baf703228890f5e85b083d_ppc64le",
"product_id": "registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:5bc92950609e6c252d9a027f347ef33ad11599dd27baf703228890f5e85b083d_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-ebpf-agent-rhel9@sha256%3A5bc92950609e6c252d9a027f347ef33ad11599dd27baf703228890f5e85b083d?arch=ppc64le\u0026repository_url=registry.redhat.io/network-observability\u0026tag=1.8-1744113155"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:e8447a2da5f42fc28ea23d4ced948aa8803c5d8a344f970b79adffb06cc07f37_ppc64le",
"product": {
"name": "registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:e8447a2da5f42fc28ea23d4ced948aa8803c5d8a344f970b79adffb06cc07f37_ppc64le",
"product_id": "registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:e8447a2da5f42fc28ea23d4ced948aa8803c5d8a344f970b79adffb06cc07f37_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-cli-rhel9@sha256%3Ae8447a2da5f42fc28ea23d4ced948aa8803c5d8a344f970b79adffb06cc07f37?arch=ppc64le\u0026repository_url=registry.redhat.io/network-observability\u0026tag=1.8-1744107477"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:201ed271b65821dda567f604fd4900ce36a60f5051460c5459ee4d57c2d3ffa7_ppc64le",
"product": {
"name": "registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:201ed271b65821dda567f604fd4900ce36a60f5051460c5459ee4d57c2d3ffa7_ppc64le",
"product_id": "registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:201ed271b65821dda567f604fd4900ce36a60f5051460c5459ee4d57c2d3ffa7_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-console-plugin-rhel9@sha256%3A201ed271b65821dda567f604fd4900ce36a60f5051460c5459ee4d57c2d3ffa7?arch=ppc64le\u0026repository_url=registry.redhat.io/network-observability\u0026tag=1.8-1744112527"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:3ff12a979feb3b4a2b69f5e7e253eebea703d334e295aefe36884d91e48dd901_ppc64le",
"product": {
"name": "registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:3ff12a979feb3b4a2b69f5e7e253eebea703d334e295aefe36884d91e48dd901_ppc64le",
"product_id": "registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:3ff12a979feb3b4a2b69f5e7e253eebea703d334e295aefe36884d91e48dd901_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-rhel9-operator@sha256%3A3ff12a979feb3b4a2b69f5e7e253eebea703d334e295aefe36884d91e48dd901?arch=ppc64le\u0026repository_url=registry.redhat.io/network-observability\u0026tag=1.8-1744112501"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:a6a6fe9f757e66fb892cfc0a04a488f82e3f63e22e9ca547180de3a49749fe3d_s390x",
"product": {
"name": "registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:a6a6fe9f757e66fb892cfc0a04a488f82e3f63e22e9ca547180de3a49749fe3d_s390x",
"product_id": "registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:a6a6fe9f757e66fb892cfc0a04a488f82e3f63e22e9ca547180de3a49749fe3d_s390x",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-flowlogs-pipeline-rhel9@sha256%3Aa6a6fe9f757e66fb892cfc0a04a488f82e3f63e22e9ca547180de3a49749fe3d?arch=s390x\u0026repository_url=registry.redhat.io/network-observability\u0026tag=1.8-1744114039"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:ba662216d63dae14fd938fff9245604a6c5b60b2fcf9459205b1dea6854fa7df_s390x",
"product": {
"name": "registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:ba662216d63dae14fd938fff9245604a6c5b60b2fcf9459205b1dea6854fa7df_s390x",
"product_id": "registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:ba662216d63dae14fd938fff9245604a6c5b60b2fcf9459205b1dea6854fa7df_s390x",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-ebpf-agent-rhel9@sha256%3Aba662216d63dae14fd938fff9245604a6c5b60b2fcf9459205b1dea6854fa7df?arch=s390x\u0026repository_url=registry.redhat.io/network-observability\u0026tag=1.8-1744113155"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:c22a176bbbcefb262a7af423e0e08132d09e49d9cc596380cedcca2aacaf8352_s390x",
"product": {
"name": "registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:c22a176bbbcefb262a7af423e0e08132d09e49d9cc596380cedcca2aacaf8352_s390x",
"product_id": "registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:c22a176bbbcefb262a7af423e0e08132d09e49d9cc596380cedcca2aacaf8352_s390x",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-cli-rhel9@sha256%3Ac22a176bbbcefb262a7af423e0e08132d09e49d9cc596380cedcca2aacaf8352?arch=s390x\u0026repository_url=registry.redhat.io/network-observability\u0026tag=1.8-1744107477"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:5ccbb51163097a36d9fbcdac81458f3ffc9b338c18d6e673d0ab55597ee0a499_s390x",
"product": {
"name": "registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:5ccbb51163097a36d9fbcdac81458f3ffc9b338c18d6e673d0ab55597ee0a499_s390x",
"product_id": "registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:5ccbb51163097a36d9fbcdac81458f3ffc9b338c18d6e673d0ab55597ee0a499_s390x",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-console-plugin-rhel9@sha256%3A5ccbb51163097a36d9fbcdac81458f3ffc9b338c18d6e673d0ab55597ee0a499?arch=s390x\u0026repository_url=registry.redhat.io/network-observability\u0026tag=1.8-1744112527"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:5c284278b38c431f87b8ee743dabfd10ea24961dee76b7f8f3b3a84269a37993_s390x",
"product": {
"name": "registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:5c284278b38c431f87b8ee743dabfd10ea24961dee76b7f8f3b3a84269a37993_s390x",
"product_id": "registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:5c284278b38c431f87b8ee743dabfd10ea24961dee76b7f8f3b3a84269a37993_s390x",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-rhel9-operator@sha256%3A5c284278b38c431f87b8ee743dabfd10ea24961dee76b7f8f3b3a84269a37993?arch=s390x\u0026repository_url=registry.redhat.io/network-observability\u0026tag=1.8-1744112501"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:6fae298c2ba0d2535c1dc72d8f57d1f298701245d7275022f638a4191a6c3192_arm64 as a component of Red Hat Openshift Network Observability 1.8.1",
"product_id": "Red Hat Openshift Network Observability 1.8.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:6fae298c2ba0d2535c1dc72d8f57d1f298701245d7275022f638a4191a6c3192_arm64"
},
"product_reference": "registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:6fae298c2ba0d2535c1dc72d8f57d1f298701245d7275022f638a4191a6c3192_arm64",
"relates_to_product_reference": "Red Hat Openshift Network Observability 1.8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:c22a176bbbcefb262a7af423e0e08132d09e49d9cc596380cedcca2aacaf8352_s390x as a component of Red Hat Openshift Network Observability 1.8.1",
"product_id": "Red Hat Openshift Network Observability 1.8.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:c22a176bbbcefb262a7af423e0e08132d09e49d9cc596380cedcca2aacaf8352_s390x"
},
"product_reference": "registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:c22a176bbbcefb262a7af423e0e08132d09e49d9cc596380cedcca2aacaf8352_s390x",
"relates_to_product_reference": "Red Hat Openshift Network Observability 1.8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:df5f85190d07444a9162e1040e05c2c29db5a539cbde3039118eec23cc43bee4_amd64 as a component of Red Hat Openshift Network Observability 1.8.1",
"product_id": "Red Hat Openshift Network Observability 1.8.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:df5f85190d07444a9162e1040e05c2c29db5a539cbde3039118eec23cc43bee4_amd64"
},
"product_reference": "registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:df5f85190d07444a9162e1040e05c2c29db5a539cbde3039118eec23cc43bee4_amd64",
"relates_to_product_reference": "Red Hat Openshift Network Observability 1.8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:e8447a2da5f42fc28ea23d4ced948aa8803c5d8a344f970b79adffb06cc07f37_ppc64le as a component of Red Hat Openshift Network Observability 1.8.1",
"product_id": "Red Hat Openshift Network Observability 1.8.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:e8447a2da5f42fc28ea23d4ced948aa8803c5d8a344f970b79adffb06cc07f37_ppc64le"
},
"product_reference": "registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:e8447a2da5f42fc28ea23d4ced948aa8803c5d8a344f970b79adffb06cc07f37_ppc64le",
"relates_to_product_reference": "Red Hat Openshift Network Observability 1.8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:201ed271b65821dda567f604fd4900ce36a60f5051460c5459ee4d57c2d3ffa7_ppc64le as a component of Red Hat Openshift Network Observability 1.8.1",
"product_id": "Red Hat Openshift Network Observability 1.8.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:201ed271b65821dda567f604fd4900ce36a60f5051460c5459ee4d57c2d3ffa7_ppc64le"
},
"product_reference": "registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:201ed271b65821dda567f604fd4900ce36a60f5051460c5459ee4d57c2d3ffa7_ppc64le",
"relates_to_product_reference": "Red Hat Openshift Network Observability 1.8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:5ccbb51163097a36d9fbcdac81458f3ffc9b338c18d6e673d0ab55597ee0a499_s390x as a component of Red Hat Openshift Network Observability 1.8.1",
"product_id": "Red Hat Openshift Network Observability 1.8.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:5ccbb51163097a36d9fbcdac81458f3ffc9b338c18d6e673d0ab55597ee0a499_s390x"
},
"product_reference": "registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:5ccbb51163097a36d9fbcdac81458f3ffc9b338c18d6e673d0ab55597ee0a499_s390x",
"relates_to_product_reference": "Red Hat Openshift Network Observability 1.8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:92a89451c9c7f6a2ba480924edb3fd67f744288102c052e259f675a7f94b8e71_arm64 as a component of Red Hat Openshift Network Observability 1.8.1",
"product_id": "Red Hat Openshift Network Observability 1.8.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:92a89451c9c7f6a2ba480924edb3fd67f744288102c052e259f675a7f94b8e71_arm64"
},
"product_reference": "registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:92a89451c9c7f6a2ba480924edb3fd67f744288102c052e259f675a7f94b8e71_arm64",
"relates_to_product_reference": "Red Hat Openshift Network Observability 1.8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:96fe24f6cc99779a2cc38a11ff61983910fa776d536e2478852aa4d25a2267a1_amd64 as a component of Red Hat Openshift Network Observability 1.8.1",
"product_id": "Red Hat Openshift Network Observability 1.8.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:96fe24f6cc99779a2cc38a11ff61983910fa776d536e2478852aa4d25a2267a1_amd64"
},
"product_reference": "registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:96fe24f6cc99779a2cc38a11ff61983910fa776d536e2478852aa4d25a2267a1_amd64",
"relates_to_product_reference": "Red Hat Openshift Network Observability 1.8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:2f50d0688ceb8e770396620fa683d69a372ce694ce76be051f11d1a1ade35cc6_arm64 as a component of Red Hat Openshift Network Observability 1.8.1",
"product_id": "Red Hat Openshift Network Observability 1.8.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:2f50d0688ceb8e770396620fa683d69a372ce694ce76be051f11d1a1ade35cc6_arm64"
},
"product_reference": "registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:2f50d0688ceb8e770396620fa683d69a372ce694ce76be051f11d1a1ade35cc6_arm64",
"relates_to_product_reference": "Red Hat Openshift Network Observability 1.8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:5bc92950609e6c252d9a027f347ef33ad11599dd27baf703228890f5e85b083d_ppc64le as a component of Red Hat Openshift Network Observability 1.8.1",
"product_id": "Red Hat Openshift Network Observability 1.8.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:5bc92950609e6c252d9a027f347ef33ad11599dd27baf703228890f5e85b083d_ppc64le"
},
"product_reference": "registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:5bc92950609e6c252d9a027f347ef33ad11599dd27baf703228890f5e85b083d_ppc64le",
"relates_to_product_reference": "Red Hat Openshift Network Observability 1.8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:ba662216d63dae14fd938fff9245604a6c5b60b2fcf9459205b1dea6854fa7df_s390x as a component of Red Hat Openshift Network Observability 1.8.1",
"product_id": "Red Hat Openshift Network Observability 1.8.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:ba662216d63dae14fd938fff9245604a6c5b60b2fcf9459205b1dea6854fa7df_s390x"
},
"product_reference": "registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:ba662216d63dae14fd938fff9245604a6c5b60b2fcf9459205b1dea6854fa7df_s390x",
"relates_to_product_reference": "Red Hat Openshift Network Observability 1.8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:c918c9adc2cf2d13c8080e5435e8dc1d1766c0b28c8f13e755f39e0a1b6b0fb2_amd64 as a component of Red Hat Openshift Network Observability 1.8.1",
"product_id": "Red Hat Openshift Network Observability 1.8.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:c918c9adc2cf2d13c8080e5435e8dc1d1766c0b28c8f13e755f39e0a1b6b0fb2_amd64"
},
"product_reference": "registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:c918c9adc2cf2d13c8080e5435e8dc1d1766c0b28c8f13e755f39e0a1b6b0fb2_amd64",
"relates_to_product_reference": "Red Hat Openshift Network Observability 1.8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:21df605ab38417d4600ddec6c5c57c55c38a20471ca6573fe96adcdd731ad4ec_arm64 as a component of Red Hat Openshift Network Observability 1.8.1",
"product_id": "Red Hat Openshift Network Observability 1.8.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:21df605ab38417d4600ddec6c5c57c55c38a20471ca6573fe96adcdd731ad4ec_arm64"
},
"product_reference": "registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:21df605ab38417d4600ddec6c5c57c55c38a20471ca6573fe96adcdd731ad4ec_arm64",
"relates_to_product_reference": "Red Hat Openshift Network Observability 1.8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:6b212006d1c4c91cb4532c22162fe719f8510fce9d2e34bf504ea4d9f8338346_amd64 as a component of Red Hat Openshift Network Observability 1.8.1",
"product_id": "Red Hat Openshift Network Observability 1.8.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:6b212006d1c4c91cb4532c22162fe719f8510fce9d2e34bf504ea4d9f8338346_amd64"
},
"product_reference": "registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:6b212006d1c4c91cb4532c22162fe719f8510fce9d2e34bf504ea4d9f8338346_amd64",
"relates_to_product_reference": "Red Hat Openshift Network Observability 1.8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:a6a6fe9f757e66fb892cfc0a04a488f82e3f63e22e9ca547180de3a49749fe3d_s390x as a component of Red Hat Openshift Network Observability 1.8.1",
"product_id": "Red Hat Openshift Network Observability 1.8.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:a6a6fe9f757e66fb892cfc0a04a488f82e3f63e22e9ca547180de3a49749fe3d_s390x"
},
"product_reference": "registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:a6a6fe9f757e66fb892cfc0a04a488f82e3f63e22e9ca547180de3a49749fe3d_s390x",
"relates_to_product_reference": "Red Hat Openshift Network Observability 1.8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:d7c2f0bfade7552f8f9842f82b36c22a860e3c90e1cf633962c5295fb6bba806_ppc64le as a component of Red Hat Openshift Network Observability 1.8.1",
"product_id": "Red Hat Openshift Network Observability 1.8.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:d7c2f0bfade7552f8f9842f82b36c22a860e3c90e1cf633962c5295fb6bba806_ppc64le"
},
"product_reference": "registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:d7c2f0bfade7552f8f9842f82b36c22a860e3c90e1cf633962c5295fb6bba806_ppc64le",
"relates_to_product_reference": "Red Hat Openshift Network Observability 1.8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/network-observability/network-observability-operator-bundle@sha256:abf372f07ca49997f9298c73820542f001327680452f87f7d594e532f794dd23_amd64 as a component of Red Hat Openshift Network Observability 1.8.1",
"product_id": "Red Hat Openshift Network Observability 1.8.1:registry.redhat.io/network-observability/network-observability-operator-bundle@sha256:abf372f07ca49997f9298c73820542f001327680452f87f7d594e532f794dd23_amd64"
},
"product_reference": "registry.redhat.io/network-observability/network-observability-operator-bundle@sha256:abf372f07ca49997f9298c73820542f001327680452f87f7d594e532f794dd23_amd64",
"relates_to_product_reference": "Red Hat Openshift Network Observability 1.8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:3ff12a979feb3b4a2b69f5e7e253eebea703d334e295aefe36884d91e48dd901_ppc64le as a component of Red Hat Openshift Network Observability 1.8.1",
"product_id": "Red Hat Openshift Network Observability 1.8.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:3ff12a979feb3b4a2b69f5e7e253eebea703d334e295aefe36884d91e48dd901_ppc64le"
},
"product_reference": "registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:3ff12a979feb3b4a2b69f5e7e253eebea703d334e295aefe36884d91e48dd901_ppc64le",
"relates_to_product_reference": "Red Hat Openshift Network Observability 1.8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:5c284278b38c431f87b8ee743dabfd10ea24961dee76b7f8f3b3a84269a37993_s390x as a component of Red Hat Openshift Network Observability 1.8.1",
"product_id": "Red Hat Openshift Network Observability 1.8.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:5c284278b38c431f87b8ee743dabfd10ea24961dee76b7f8f3b3a84269a37993_s390x"
},
"product_reference": "registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:5c284278b38c431f87b8ee743dabfd10ea24961dee76b7f8f3b3a84269a37993_s390x",
"relates_to_product_reference": "Red Hat Openshift Network Observability 1.8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:79f0da62e69353353c60a615a21243a5ad02b1247062886f66b05b8f8b3c7b4a_arm64 as a component of Red Hat Openshift Network Observability 1.8.1",
"product_id": "Red Hat Openshift Network Observability 1.8.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:79f0da62e69353353c60a615a21243a5ad02b1247062886f66b05b8f8b3c7b4a_arm64"
},
"product_reference": "registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:79f0da62e69353353c60a615a21243a5ad02b1247062886f66b05b8f8b3c7b4a_arm64",
"relates_to_product_reference": "Red Hat Openshift Network Observability 1.8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:931c4ea56af3ced616830034f84b5b3a37bb6051d853605ba501db8cfe4887b3_amd64 as a component of Red Hat Openshift Network Observability 1.8.1",
"product_id": "Red Hat Openshift Network Observability 1.8.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:931c4ea56af3ced616830034f84b5b3a37bb6051d853605ba501db8cfe4887b3_amd64"
},
"product_reference": "registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:931c4ea56af3ced616830034f84b5b3a37bb6051d853605ba501db8cfe4887b3_amd64",
"relates_to_product_reference": "Red Hat Openshift Network Observability 1.8.1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-56171",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2025-02-18T23:01:25.366636+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Openshift Network Observability 1.8.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:6fae298c2ba0d2535c1dc72d8f57d1f298701245d7275022f638a4191a6c3192_arm64",
"Red Hat Openshift Network Observability 1.8.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:c22a176bbbcefb262a7af423e0e08132d09e49d9cc596380cedcca2aacaf8352_s390x",
"Red Hat Openshift Network Observability 1.8.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:df5f85190d07444a9162e1040e05c2c29db5a539cbde3039118eec23cc43bee4_amd64",
"Red Hat Openshift Network Observability 1.8.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:e8447a2da5f42fc28ea23d4ced948aa8803c5d8a344f970b79adffb06cc07f37_ppc64le",
"Red Hat Openshift Network Observability 1.8.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:201ed271b65821dda567f604fd4900ce36a60f5051460c5459ee4d57c2d3ffa7_ppc64le",
"Red Hat Openshift Network Observability 1.8.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:5ccbb51163097a36d9fbcdac81458f3ffc9b338c18d6e673d0ab55597ee0a499_s390x",
"Red Hat Openshift Network Observability 1.8.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:92a89451c9c7f6a2ba480924edb3fd67f744288102c052e259f675a7f94b8e71_arm64",
"Red Hat Openshift Network Observability 1.8.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:96fe24f6cc99779a2cc38a11ff61983910fa776d536e2478852aa4d25a2267a1_amd64",
"Red Hat Openshift Network Observability 1.8.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:2f50d0688ceb8e770396620fa683d69a372ce694ce76be051f11d1a1ade35cc6_arm64",
"Red Hat Openshift Network Observability 1.8.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:5bc92950609e6c252d9a027f347ef33ad11599dd27baf703228890f5e85b083d_ppc64le",
"Red Hat Openshift Network Observability 1.8.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:ba662216d63dae14fd938fff9245604a6c5b60b2fcf9459205b1dea6854fa7df_s390x",
"Red Hat Openshift Network Observability 1.8.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:c918c9adc2cf2d13c8080e5435e8dc1d1766c0b28c8f13e755f39e0a1b6b0fb2_amd64",
"Red Hat Openshift Network Observability 1.8.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:21df605ab38417d4600ddec6c5c57c55c38a20471ca6573fe96adcdd731ad4ec_arm64",
"Red Hat Openshift Network Observability 1.8.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:6b212006d1c4c91cb4532c22162fe719f8510fce9d2e34bf504ea4d9f8338346_amd64",
"Red Hat Openshift Network Observability 1.8.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:a6a6fe9f757e66fb892cfc0a04a488f82e3f63e22e9ca547180de3a49749fe3d_s390x",
"Red Hat Openshift Network Observability 1.8.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:d7c2f0bfade7552f8f9842f82b36c22a860e3c90e1cf633962c5295fb6bba806_ppc64le",
"Red Hat Openshift Network Observability 1.8.1:registry.redhat.io/network-observability/network-observability-operator-bundle@sha256:abf372f07ca49997f9298c73820542f001327680452f87f7d594e532f794dd23_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2346416"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in libxml2. This vulnerability allows a use-after-free via a crafted XML document validated against an XML schema with certain identity constraints or a crafted XML schema.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libxml2: Use-After-Free in libxml2",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated as important because it involves a use-after-free flaw in the xmlSchemaIDCFillNodeTables and xmlSchemaBubbleIDCNodeTables functions. A maliciously crafted XML document or schema, containing specific identity constraints, can be used to trigger this vulnerability and potentially gain unauthorized access or cause a denial-of-service condition.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Openshift Network Observability 1.8.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:3ff12a979feb3b4a2b69f5e7e253eebea703d334e295aefe36884d91e48dd901_ppc64le",
"Red Hat Openshift Network Observability 1.8.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:5c284278b38c431f87b8ee743dabfd10ea24961dee76b7f8f3b3a84269a37993_s390x",
"Red Hat Openshift Network Observability 1.8.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:79f0da62e69353353c60a615a21243a5ad02b1247062886f66b05b8f8b3c7b4a_arm64",
"Red Hat Openshift Network Observability 1.8.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:931c4ea56af3ced616830034f84b5b3a37bb6051d853605ba501db8cfe4887b3_amd64"
],
"known_not_affected": [
"Red Hat Openshift Network Observability 1.8.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:6fae298c2ba0d2535c1dc72d8f57d1f298701245d7275022f638a4191a6c3192_arm64",
"Red Hat Openshift Network Observability 1.8.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:c22a176bbbcefb262a7af423e0e08132d09e49d9cc596380cedcca2aacaf8352_s390x",
"Red Hat Openshift Network Observability 1.8.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:df5f85190d07444a9162e1040e05c2c29db5a539cbde3039118eec23cc43bee4_amd64",
"Red Hat Openshift Network Observability 1.8.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:e8447a2da5f42fc28ea23d4ced948aa8803c5d8a344f970b79adffb06cc07f37_ppc64le",
"Red Hat Openshift Network Observability 1.8.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:201ed271b65821dda567f604fd4900ce36a60f5051460c5459ee4d57c2d3ffa7_ppc64le",
"Red Hat Openshift Network Observability 1.8.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:5ccbb51163097a36d9fbcdac81458f3ffc9b338c18d6e673d0ab55597ee0a499_s390x",
"Red Hat Openshift Network Observability 1.8.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:92a89451c9c7f6a2ba480924edb3fd67f744288102c052e259f675a7f94b8e71_arm64",
"Red Hat Openshift Network Observability 1.8.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:96fe24f6cc99779a2cc38a11ff61983910fa776d536e2478852aa4d25a2267a1_amd64",
"Red Hat Openshift Network Observability 1.8.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:2f50d0688ceb8e770396620fa683d69a372ce694ce76be051f11d1a1ade35cc6_arm64",
"Red Hat Openshift Network Observability 1.8.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:5bc92950609e6c252d9a027f347ef33ad11599dd27baf703228890f5e85b083d_ppc64le",
"Red Hat Openshift Network Observability 1.8.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:ba662216d63dae14fd938fff9245604a6c5b60b2fcf9459205b1dea6854fa7df_s390x",
"Red Hat Openshift Network Observability 1.8.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:c918c9adc2cf2d13c8080e5435e8dc1d1766c0b28c8f13e755f39e0a1b6b0fb2_amd64",
"Red Hat Openshift Network Observability 1.8.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:21df605ab38417d4600ddec6c5c57c55c38a20471ca6573fe96adcdd731ad4ec_arm64",
"Red Hat Openshift Network Observability 1.8.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:6b212006d1c4c91cb4532c22162fe719f8510fce9d2e34bf504ea4d9f8338346_amd64",
"Red Hat Openshift Network Observability 1.8.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:a6a6fe9f757e66fb892cfc0a04a488f82e3f63e22e9ca547180de3a49749fe3d_s390x",
"Red Hat Openshift Network Observability 1.8.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:d7c2f0bfade7552f8f9842f82b36c22a860e3c90e1cf633962c5295fb6bba806_ppc64le",
"Red Hat Openshift Network Observability 1.8.1:registry.redhat.io/network-observability/network-observability-operator-bundle@sha256:abf372f07ca49997f9298c73820542f001327680452f87f7d594e532f794dd23_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-56171"
},
{
"category": "external",
"summary": "RHBZ#2346416",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2346416"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-56171",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56171"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-56171",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-56171"
},
{
"category": "external",
"summary": "https://gitlab.gnome.org/GNOME/libxml2/-/issues/828",
"url": "https://gitlab.gnome.org/GNOME/libxml2/-/issues/828"
}
],
"release_date": "2025-02-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-04-14T16:34:44+00:00",
"details": "For details on how to apply this update, refer to:\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Openshift Network Observability 1.8.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:3ff12a979feb3b4a2b69f5e7e253eebea703d334e295aefe36884d91e48dd901_ppc64le",
"Red Hat Openshift Network Observability 1.8.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:5c284278b38c431f87b8ee743dabfd10ea24961dee76b7f8f3b3a84269a37993_s390x",
"Red Hat Openshift Network Observability 1.8.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:79f0da62e69353353c60a615a21243a5ad02b1247062886f66b05b8f8b3c7b4a_arm64",
"Red Hat Openshift Network Observability 1.8.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:931c4ea56af3ced616830034f84b5b3a37bb6051d853605ba501db8cfe4887b3_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:3867"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Openshift Network Observability 1.8.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:6fae298c2ba0d2535c1dc72d8f57d1f298701245d7275022f638a4191a6c3192_arm64",
"Red Hat Openshift Network Observability 1.8.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:c22a176bbbcefb262a7af423e0e08132d09e49d9cc596380cedcca2aacaf8352_s390x",
"Red Hat Openshift Network Observability 1.8.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:df5f85190d07444a9162e1040e05c2c29db5a539cbde3039118eec23cc43bee4_amd64",
"Red Hat Openshift Network Observability 1.8.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:e8447a2da5f42fc28ea23d4ced948aa8803c5d8a344f970b79adffb06cc07f37_ppc64le",
"Red Hat Openshift Network Observability 1.8.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:201ed271b65821dda567f604fd4900ce36a60f5051460c5459ee4d57c2d3ffa7_ppc64le",
"Red Hat Openshift Network Observability 1.8.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:5ccbb51163097a36d9fbcdac81458f3ffc9b338c18d6e673d0ab55597ee0a499_s390x",
"Red Hat Openshift Network Observability 1.8.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:92a89451c9c7f6a2ba480924edb3fd67f744288102c052e259f675a7f94b8e71_arm64",
"Red Hat Openshift Network Observability 1.8.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:96fe24f6cc99779a2cc38a11ff61983910fa776d536e2478852aa4d25a2267a1_amd64",
"Red Hat Openshift Network Observability 1.8.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:2f50d0688ceb8e770396620fa683d69a372ce694ce76be051f11d1a1ade35cc6_arm64",
"Red Hat Openshift Network Observability 1.8.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:5bc92950609e6c252d9a027f347ef33ad11599dd27baf703228890f5e85b083d_ppc64le",
"Red Hat Openshift Network Observability 1.8.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:ba662216d63dae14fd938fff9245604a6c5b60b2fcf9459205b1dea6854fa7df_s390x",
"Red Hat Openshift Network Observability 1.8.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:c918c9adc2cf2d13c8080e5435e8dc1d1766c0b28c8f13e755f39e0a1b6b0fb2_amd64",
"Red Hat Openshift Network Observability 1.8.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:21df605ab38417d4600ddec6c5c57c55c38a20471ca6573fe96adcdd731ad4ec_arm64",
"Red Hat Openshift Network Observability 1.8.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:6b212006d1c4c91cb4532c22162fe719f8510fce9d2e34bf504ea4d9f8338346_amd64",
"Red Hat Openshift Network Observability 1.8.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:a6a6fe9f757e66fb892cfc0a04a488f82e3f63e22e9ca547180de3a49749fe3d_s390x",
"Red Hat Openshift Network Observability 1.8.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:d7c2f0bfade7552f8f9842f82b36c22a860e3c90e1cf633962c5295fb6bba806_ppc64le",
"Red Hat Openshift Network Observability 1.8.1:registry.redhat.io/network-observability/network-observability-operator-bundle@sha256:abf372f07ca49997f9298c73820542f001327680452f87f7d594e532f794dd23_amd64",
"Red Hat Openshift Network Observability 1.8.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:3ff12a979feb3b4a2b69f5e7e253eebea703d334e295aefe36884d91e48dd901_ppc64le",
"Red Hat Openshift Network Observability 1.8.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:5c284278b38c431f87b8ee743dabfd10ea24961dee76b7f8f3b3a84269a37993_s390x",
"Red Hat Openshift Network Observability 1.8.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:79f0da62e69353353c60a615a21243a5ad02b1247062886f66b05b8f8b3c7b4a_arm64",
"Red Hat Openshift Network Observability 1.8.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:931c4ea56af3ced616830034f84b5b3a37bb6051d853605ba501db8cfe4887b3_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "libxml2: Use-After-Free in libxml2"
},
{
"cve": "CVE-2025-24928",
"cwe": {
"id": "CWE-121",
"name": "Stack-based Buffer Overflow"
},
"discovery_date": "2025-02-18T23:01:36.502916+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Openshift Network Observability 1.8.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:6fae298c2ba0d2535c1dc72d8f57d1f298701245d7275022f638a4191a6c3192_arm64",
"Red Hat Openshift Network Observability 1.8.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:c22a176bbbcefb262a7af423e0e08132d09e49d9cc596380cedcca2aacaf8352_s390x",
"Red Hat Openshift Network Observability 1.8.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:df5f85190d07444a9162e1040e05c2c29db5a539cbde3039118eec23cc43bee4_amd64",
"Red Hat Openshift Network Observability 1.8.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:e8447a2da5f42fc28ea23d4ced948aa8803c5d8a344f970b79adffb06cc07f37_ppc64le",
"Red Hat Openshift Network Observability 1.8.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:201ed271b65821dda567f604fd4900ce36a60f5051460c5459ee4d57c2d3ffa7_ppc64le",
"Red Hat Openshift Network Observability 1.8.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:5ccbb51163097a36d9fbcdac81458f3ffc9b338c18d6e673d0ab55597ee0a499_s390x",
"Red Hat Openshift Network Observability 1.8.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:92a89451c9c7f6a2ba480924edb3fd67f744288102c052e259f675a7f94b8e71_arm64",
"Red Hat Openshift Network Observability 1.8.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:96fe24f6cc99779a2cc38a11ff61983910fa776d536e2478852aa4d25a2267a1_amd64",
"Red Hat Openshift Network Observability 1.8.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:2f50d0688ceb8e770396620fa683d69a372ce694ce76be051f11d1a1ade35cc6_arm64",
"Red Hat Openshift Network Observability 1.8.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:5bc92950609e6c252d9a027f347ef33ad11599dd27baf703228890f5e85b083d_ppc64le",
"Red Hat Openshift Network Observability 1.8.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:ba662216d63dae14fd938fff9245604a6c5b60b2fcf9459205b1dea6854fa7df_s390x",
"Red Hat Openshift Network Observability 1.8.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:c918c9adc2cf2d13c8080e5435e8dc1d1766c0b28c8f13e755f39e0a1b6b0fb2_amd64",
"Red Hat Openshift Network Observability 1.8.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:21df605ab38417d4600ddec6c5c57c55c38a20471ca6573fe96adcdd731ad4ec_arm64",
"Red Hat Openshift Network Observability 1.8.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:6b212006d1c4c91cb4532c22162fe719f8510fce9d2e34bf504ea4d9f8338346_amd64",
"Red Hat Openshift Network Observability 1.8.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:a6a6fe9f757e66fb892cfc0a04a488f82e3f63e22e9ca547180de3a49749fe3d_s390x",
"Red Hat Openshift Network Observability 1.8.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:d7c2f0bfade7552f8f9842f82b36c22a860e3c90e1cf633962c5295fb6bba806_ppc64le",
"Red Hat Openshift Network Observability 1.8.1:registry.redhat.io/network-observability/network-observability-operator-bundle@sha256:abf372f07ca49997f9298c73820542f001327680452f87f7d594e532f794dd23_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2346421"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in libxml2. This vulnerability allows a stack-based buffer overflow via DTD validation of an untrusted document or untrusted DTD.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libxml2: Stack-based buffer overflow in xmlSnprintfElements of libxml2",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated as important because it involves a stack-based buffer overflow in the xmlSnprintfElements function within valid.c. Exploiting this issue requires DTD validation to occur on an untrusted document or untrusted DTD, making it a potential security risk for applications using libxml2 that do not adequately restrict DTD input.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Openshift Network Observability 1.8.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:3ff12a979feb3b4a2b69f5e7e253eebea703d334e295aefe36884d91e48dd901_ppc64le",
"Red Hat Openshift Network Observability 1.8.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:5c284278b38c431f87b8ee743dabfd10ea24961dee76b7f8f3b3a84269a37993_s390x",
"Red Hat Openshift Network Observability 1.8.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:79f0da62e69353353c60a615a21243a5ad02b1247062886f66b05b8f8b3c7b4a_arm64",
"Red Hat Openshift Network Observability 1.8.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:931c4ea56af3ced616830034f84b5b3a37bb6051d853605ba501db8cfe4887b3_amd64"
],
"known_not_affected": [
"Red Hat Openshift Network Observability 1.8.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:6fae298c2ba0d2535c1dc72d8f57d1f298701245d7275022f638a4191a6c3192_arm64",
"Red Hat Openshift Network Observability 1.8.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:c22a176bbbcefb262a7af423e0e08132d09e49d9cc596380cedcca2aacaf8352_s390x",
"Red Hat Openshift Network Observability 1.8.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:df5f85190d07444a9162e1040e05c2c29db5a539cbde3039118eec23cc43bee4_amd64",
"Red Hat Openshift Network Observability 1.8.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:e8447a2da5f42fc28ea23d4ced948aa8803c5d8a344f970b79adffb06cc07f37_ppc64le",
"Red Hat Openshift Network Observability 1.8.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:201ed271b65821dda567f604fd4900ce36a60f5051460c5459ee4d57c2d3ffa7_ppc64le",
"Red Hat Openshift Network Observability 1.8.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:5ccbb51163097a36d9fbcdac81458f3ffc9b338c18d6e673d0ab55597ee0a499_s390x",
"Red Hat Openshift Network Observability 1.8.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:92a89451c9c7f6a2ba480924edb3fd67f744288102c052e259f675a7f94b8e71_arm64",
"Red Hat Openshift Network Observability 1.8.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:96fe24f6cc99779a2cc38a11ff61983910fa776d536e2478852aa4d25a2267a1_amd64",
"Red Hat Openshift Network Observability 1.8.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:2f50d0688ceb8e770396620fa683d69a372ce694ce76be051f11d1a1ade35cc6_arm64",
"Red Hat Openshift Network Observability 1.8.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:5bc92950609e6c252d9a027f347ef33ad11599dd27baf703228890f5e85b083d_ppc64le",
"Red Hat Openshift Network Observability 1.8.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:ba662216d63dae14fd938fff9245604a6c5b60b2fcf9459205b1dea6854fa7df_s390x",
"Red Hat Openshift Network Observability 1.8.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:c918c9adc2cf2d13c8080e5435e8dc1d1766c0b28c8f13e755f39e0a1b6b0fb2_amd64",
"Red Hat Openshift Network Observability 1.8.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:21df605ab38417d4600ddec6c5c57c55c38a20471ca6573fe96adcdd731ad4ec_arm64",
"Red Hat Openshift Network Observability 1.8.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:6b212006d1c4c91cb4532c22162fe719f8510fce9d2e34bf504ea4d9f8338346_amd64",
"Red Hat Openshift Network Observability 1.8.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:a6a6fe9f757e66fb892cfc0a04a488f82e3f63e22e9ca547180de3a49749fe3d_s390x",
"Red Hat Openshift Network Observability 1.8.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:d7c2f0bfade7552f8f9842f82b36c22a860e3c90e1cf633962c5295fb6bba806_ppc64le",
"Red Hat Openshift Network Observability 1.8.1:registry.redhat.io/network-observability/network-observability-operator-bundle@sha256:abf372f07ca49997f9298c73820542f001327680452f87f7d594e532f794dd23_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-24928"
},
{
"category": "external",
"summary": "RHBZ#2346421",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2346421"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-24928",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24928"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-24928",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-24928"
},
{
"category": "external",
"summary": "https://gitlab.gnome.org/GNOME/libxml2/-/issues/847",
"url": "https://gitlab.gnome.org/GNOME/libxml2/-/issues/847"
},
{
"category": "external",
"summary": "https://issues.oss-fuzz.com/issues/392687022",
"url": "https://issues.oss-fuzz.com/issues/392687022"
}
],
"release_date": "2025-02-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-04-14T16:34:44+00:00",
"details": "For details on how to apply this update, refer to:\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Openshift Network Observability 1.8.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:3ff12a979feb3b4a2b69f5e7e253eebea703d334e295aefe36884d91e48dd901_ppc64le",
"Red Hat Openshift Network Observability 1.8.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:5c284278b38c431f87b8ee743dabfd10ea24961dee76b7f8f3b3a84269a37993_s390x",
"Red Hat Openshift Network Observability 1.8.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:79f0da62e69353353c60a615a21243a5ad02b1247062886f66b05b8f8b3c7b4a_arm64",
"Red Hat Openshift Network Observability 1.8.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:931c4ea56af3ced616830034f84b5b3a37bb6051d853605ba501db8cfe4887b3_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:3867"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Openshift Network Observability 1.8.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:6fae298c2ba0d2535c1dc72d8f57d1f298701245d7275022f638a4191a6c3192_arm64",
"Red Hat Openshift Network Observability 1.8.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:c22a176bbbcefb262a7af423e0e08132d09e49d9cc596380cedcca2aacaf8352_s390x",
"Red Hat Openshift Network Observability 1.8.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:df5f85190d07444a9162e1040e05c2c29db5a539cbde3039118eec23cc43bee4_amd64",
"Red Hat Openshift Network Observability 1.8.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:e8447a2da5f42fc28ea23d4ced948aa8803c5d8a344f970b79adffb06cc07f37_ppc64le",
"Red Hat Openshift Network Observability 1.8.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:201ed271b65821dda567f604fd4900ce36a60f5051460c5459ee4d57c2d3ffa7_ppc64le",
"Red Hat Openshift Network Observability 1.8.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:5ccbb51163097a36d9fbcdac81458f3ffc9b338c18d6e673d0ab55597ee0a499_s390x",
"Red Hat Openshift Network Observability 1.8.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:92a89451c9c7f6a2ba480924edb3fd67f744288102c052e259f675a7f94b8e71_arm64",
"Red Hat Openshift Network Observability 1.8.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:96fe24f6cc99779a2cc38a11ff61983910fa776d536e2478852aa4d25a2267a1_amd64",
"Red Hat Openshift Network Observability 1.8.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:2f50d0688ceb8e770396620fa683d69a372ce694ce76be051f11d1a1ade35cc6_arm64",
"Red Hat Openshift Network Observability 1.8.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:5bc92950609e6c252d9a027f347ef33ad11599dd27baf703228890f5e85b083d_ppc64le",
"Red Hat Openshift Network Observability 1.8.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:ba662216d63dae14fd938fff9245604a6c5b60b2fcf9459205b1dea6854fa7df_s390x",
"Red Hat Openshift Network Observability 1.8.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:c918c9adc2cf2d13c8080e5435e8dc1d1766c0b28c8f13e755f39e0a1b6b0fb2_amd64",
"Red Hat Openshift Network Observability 1.8.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:21df605ab38417d4600ddec6c5c57c55c38a20471ca6573fe96adcdd731ad4ec_arm64",
"Red Hat Openshift Network Observability 1.8.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:6b212006d1c4c91cb4532c22162fe719f8510fce9d2e34bf504ea4d9f8338346_amd64",
"Red Hat Openshift Network Observability 1.8.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:a6a6fe9f757e66fb892cfc0a04a488f82e3f63e22e9ca547180de3a49749fe3d_s390x",
"Red Hat Openshift Network Observability 1.8.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:d7c2f0bfade7552f8f9842f82b36c22a860e3c90e1cf633962c5295fb6bba806_ppc64le",
"Red Hat Openshift Network Observability 1.8.1:registry.redhat.io/network-observability/network-observability-operator-bundle@sha256:abf372f07ca49997f9298c73820542f001327680452f87f7d594e532f794dd23_amd64",
"Red Hat Openshift Network Observability 1.8.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:3ff12a979feb3b4a2b69f5e7e253eebea703d334e295aefe36884d91e48dd901_ppc64le",
"Red Hat Openshift Network Observability 1.8.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:5c284278b38c431f87b8ee743dabfd10ea24961dee76b7f8f3b3a84269a37993_s390x",
"Red Hat Openshift Network Observability 1.8.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:79f0da62e69353353c60a615a21243a5ad02b1247062886f66b05b8f8b3c7b4a_arm64",
"Red Hat Openshift Network Observability 1.8.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:931c4ea56af3ced616830034f84b5b3a37bb6051d853605ba501db8cfe4887b3_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "libxml2: Stack-based buffer overflow in xmlSnprintfElements of libxml2"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.